CN104023023A - IOT security risk distributed evaluation method - Google Patents

IOT security risk distributed evaluation method Download PDF

Info

Publication number
CN104023023A
CN104023023A CN201410265228.3A CN201410265228A CN104023023A CN 104023023 A CN104023023 A CN 104023023A CN 201410265228 A CN201410265228 A CN 201410265228A CN 104023023 A CN104023023 A CN 104023023A
Authority
CN
China
Prior art keywords
internet
things
security threat
local
detector
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201410265228.3A
Other languages
Chinese (zh)
Other versions
CN104023023B (en
Inventor
刘才铭
张雁
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Leshan Normal University
Original Assignee
Leshan Normal University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Leshan Normal University filed Critical Leshan Normal University
Priority to CN201410265228.3A priority Critical patent/CN104023023B/en
Publication of CN104023023A publication Critical patent/CN104023023A/en
Application granted granted Critical
Publication of CN104023023B publication Critical patent/CN104023023B/en
Expired - Fee Related legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Landscapes

  • Computer And Data Communications (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)

Abstract

The invention provides an IOT (Internet of Things) security risk distributed evaluation method. According to the method, an IOT gateway, a computer network, a local IOT security threat detection module, a local IOT security risk calculation module, an IOT integral security risk calculation module, an IOT security threat feature library, an IOT security threat perniciousness library and an IOT asset value library are used. The IOT security risk distributed evaluation method comprises the following steps that: the local IOT security threat is detected; a local IOT security thread detector is subjected to attenuation; the local IOT security risk is calculated; and the IOT integral security risk is calculated. The method has the advantages that a distributed IOT security threat detection and local security risk calculation method is adopted; in addition, the dynamic change of the IOT security threat is tracked, and meanwhile, the IOT security threat perniciousness and the IOT asset value are combined for quantificationally calculating the IOT faced security risk value; the large-scale IOT security data can be effectively analyzed; and in addition, the IOT security risk can be quantificationally calculated.

Description

The distributed appraisal procedure of a kind of Internet of Things security risk
Technical field
The invention belongs to field of information security technology, be specifically related to the distributed appraisal procedure technology of a kind of Internet of Things security risk.
Background technology
Internet of Things security risk assessment is the important technology of Internet of Things efficient public security system, its assessment result be formulate initiatively, the important evidence of positive Internet of Things Prevention-Security strategy, the general safety situation that it holds Internet of Things for Internet of Things safety manager is significant.Internet of Things sensing node is due to dispersed reason, the data volume producing is huge, and traditional security risk assessment mainly adopts data centralization assessment technology and qualitative evaluation technology, be difficult to effectively process large-scale Internet of Things secure data, reduce the accuracy of Internet of Things security risk assessment, also directly had influence on studying and judging Internet of Things security situation.
Application number is that 201310055041.6 Chinese invention patent discloses a kind of Information Security Risk Assessment Methods based on fault tree, in the method, adopting FTA to realize system risk to the network equipment calculates, and adopt non-intersect minimum cut sets to carry out risk qualitative analysis and top event probability analysis, carry out fast the location of system weakest link and calculate its probability of happening, carry out system safety deciding grade and level by the method, and propose corresponding measures to rectify and reform.But the method is not according to the condition evaluation security risk of actual security threat, and just security risk is carried out to qualitative and probability analysis, can not quantitative evaluation Information Security Risk, with certain subjectivity and one-sidedness, be difficult to be applied in Internet of Things security risk assessment.
Summary of the invention
The technical problem to be solved in the present invention is to provide a kind of Internet of Things security risk distributed appraisal procedure, and this appraisal procedure has solved problems of the prior art.
In order to solve the problems of the technologies described above, the present invention realizes in the following manner:
The distributed appraisal procedure of a kind of Internet of Things security risk, comprises things-internet gateway, computer network,
Local Internet of Things security threat detection module, the Internet of Things security threat facing for detection of local Internet of Things;
Local Internet of Things security risk computing module, the security risk value facing for calculating local Internet of Things;
Internet of Things general safety Risk Calculation module, the general safety value-at-risk facing for calculating Internet of Things;
Internet of Things security threat feature database, for storing the characteristic information of Internet of Things security threat;
Internet of Things security threat harmfulness storehouse, for storing the harmfulness value of Internet of Things security threat;
Internet of Things assets value storehouse, for storing the value of Internet of Things assets;
Described things-internet gateway is multiple, respectively with local Internet of Things security threat detection module and the communication connection of local Internet of Things security risk computing module, things-internet gateway is connected by communication protocol with computer network, and described computer network is communicated by letter and is connected with Internet of Things assets value storehouse with Internet of Things general safety Risk Calculation module, Internet of Things security threat feature database, Internet of Things security threat harmfulness storehouse.
The described distributed appraisal procedure of a kind of Internet of Things security risk, comprises the following steps:
S1: detect local Internet of Things security threat;
S2: local Internet of Things security threat detector is decayed;
S3: calculate local Internet of Things security risk;
S4: calculate Internet of Things general safety risk.
Compared with prior art, the beneficial effect that the present invention has: the technical problem existing for prior art, the present invention proposes the distributed appraisal procedure of a kind of Internet of Things security risk, the method adopts distributed Internet of Things security threat to detect and local Risk Calculation method, and follow the tracks of the dynamic change of Internet of Things security threat, the bond networking harmfulness of security threat and the value of Internet of Things assets simultaneously, calculate quantitatively the security risk value that Internet of Things faces, can effectively analyze large-scale Internet of Things secure data, and calculate quantitatively Internet of Things security risk, can be used for Internet of Things safety monitoring, security audit, the systems such as security strategy deployment, have broad application prospects.
Brief description of the drawings
Fig. 1 is fundamental diagram of the present invention;
Fig. 2 is the flow chart that local Internet of Things security threat detects;
Fig. 3 is the flow chart of local Internet of Things security threat detector decay;
Fig. 4 is the flow chart that local Internet of Things security risk is calculated;
Fig. 5 is the flow chart of Internet of Things general safety Risk Calculation.
Embodiment
Below in conjunction with the drawings and specific embodiments, the specific embodiment of the present invention is described in further detail.
As shown in Figure 1, the distributed appraisal procedure of a kind of Internet of Things security risk, comprise things-internet gateway, computer network, local Internet of Things security threat detection module, local Internet of Things security risk computing module, Internet of Things general safety Risk Calculation module, Internet of Things security threat feature database, Internet of Things security threat harmfulness storehouse and Internet of Things assets value storehouse, described things-internet gateway is multiple, respectively with local Internet of Things security threat detection module and the communication connection of local Internet of Things security risk computing module, things-internet gateway is connected by communication protocol with computer network, described computer network and Internet of Things general safety Risk Calculation module, Internet of Things security threat feature database, Internet of Things security threat harmfulness storehouse is connected with the communication of Internet of Things assets value storehouse.
The data of described Internet of Things security threat feature database TL are that Internet of Things security threat data set is collected, it is by threatening numbering, threatening title and threat characteristics information to form, structure is: TL={<tID, tName, Signature}, wherein, tID is for threatening numbering, tName is for threatening title, and Signature is threat characteristics information.
The data of described Internet of Things security threat harmfulness storehouse HL are by Internet of Things security expert and engineers and technicians' assessment, it is made up of harmfulness numbering, threat numbering and harmfulness value, structure is: HL={<sID, tID, h}, wherein, sID is harmfulness numbering, tID is the corresponding numbering that threatens, and h is harmfulness value.
The data of described Internet of Things assets value storehouse AL are assessed by Internet of Things administrative staff, it is made up of asset number, assets title and assets value, its structure is: AL={<aID, aName, v}, wherein, aID is asset number, aName is assets title, and v is assets value.
Fig. 2 is the flow chart that local Internet of Things security threat detects; Fig. 3 is the flow chart of local Internet of Things security threat detector decay; Fig. 4 is the flow chart that local Internet of Things security risk is calculated; Fig. 5 is the flow chart of Internet of Things general safety Risk Calculation, as shown in the figure, the invention provides the distributed appraisal procedure of a kind of Internet of Things security risk, comprises the following steps:
S1: detect local Internet of Things security threat; Specifically comprise the following steps:
S11: read Internet of Things security threat feature database: download the characteristic information of Internet of Things security threat from Internet of Things security threat feature database, and build local Internet of Things security threat property detector data set, comprise the following steps:
S111: build local Internet of Things security threat detector data collection: the initial data set T={<tID that sets up local Internet of Things security threat detector, signature, count, time>}, wherein, the numbering that tID is detector, signature is the characteristic information of the security threat that detector is corresponding, count is the quantity that detector detects security threat, and time is the time that detector detects security threat;
S112: download Internet of Things security threat characteristic information: connect long-range Internet of Things security threat feature database, download security threat characteristic information;
S113: the local Internet of Things security threat of initialization detector data collection: according to i the Internet of Things security threat characteristic information of downloading, concentrate and set up i detector t in local Internet of Things security threat detector data i, wherein, t i.tID assignment is the numbering of corresponding security threat feature, t i.signature assignment is the characteristic information of corresponding security threat, t i.count assignment is 0;
S12: obtain Internet of Things data from things-internet gateway: access things-internet gateway, catches connected network communication data from things-internet gateway;
S13: extract Internet of Things data characteristics: according to the Internet of Things communication data formation networking data feature of catching, comprise the following steps:
S131: obtain Internet of Things communication data header packet information;
S132: obtain the critical field in header packet information;
S133: formation networking data feature: the critical field of obtaining is encapsulated to formation networking data feature;
S14: judge whether the step that security threat feature is mated with Internet of Things data characteristics: the feature of Internet of Things security threat detector is mated with Internet of Things data characteristics, comprise the following steps:
S141: feature and the Internet of Things data characteristics of comparative networking security threat detector: use t i.signature compare with Internet of Things data characteristics;
S142: judge next step operation: if do not have security threat feature to mate with Internet of Things data characteristics, finish local Internet of Things security threat and detect;
S15: upgrade security threat detector: the information to the detector that Internet of Things security threat detected is upgraded, and comprises the following steps:
S151: the count territory of the cumulative detector that security threat detected: by t i.count add 1;
S152: record detects the time of security threat: by t i.time be set to detect the time of security threat.
S2: local Internet of Things security threat detector is decayed; Specifically comprise the following steps:
S21: read local Internet of Things security threat detector;
S22: judge and security threat whether detected in time T, comprise the following steps:
S221: calculate current time and t i.count difference between territory: by current time and t i.count the difference between territory is assigned to T span;
S222: judge T spanwhether be less than T;
S223: judge next step operation: if T span<T, finishes local Internet of Things security threat detector decay;
S23: judge that whether detector has decayed, and comprises the following steps:
S231: judge t i.count whether territory equals 0;
S232: judge next step operation: if t i.count=0, finish local Internet of Things security threat detector decay;
S24: upgrade security threat detector, comprise the following steps:
S241: the count territory of the detector that security threat do not detected of successively decreasing: by t i.count subtract 1;
S242: upgrade the time that security threat detected: by t i.time be set to current time.
S3: calculate local Internet of Things security risk; Specifically comprise the following steps:
S31: read Internet of Things security threat detector: concentrate the information of reading in all detectors from Internet of Things security threat detector data;
S32: read Internet of Things security threat harmfulness storehouse: the harmfulness value of reading in all security threats from Internet of Things security threat harmfulness storehouse;
S33: read Internet of Things assets value storehouse: the value of reading in property networking assets from Internet of Things assets value storehouse;
S34: traversal Internet of Things security threat detector: scan one by one Internet of Things security threat detector t i;
S35: calculate the value-at-risk that current threat detection device produces: count territory, threat harmfulness and the local Internet of Things assets value of calculating current threat detection device are long-pending, is the corresponding value-at-risk R producing that threatens of current threat detection device j_i, be also R j_i=t i.count × h i× v j, wherein, h ifor the harmfulness value of security threat corresponding to current threat detection device, v jfor the value of the property networking assets under current things-internet gateway;
S36: judge that whether traversal finishes, and comprises the following steps:
S361: judge whether it is last detector: judge whether i is greater than m, wherein, m is the total quantity of security threat detector;
S362: judge next step operation: if i<m, execution step S34;
S37: calculate local Internet of Things security risk value: calculate the corresponding value-at-risk sum producing that threatens of all local threat detection devices, its assignment is given to the security risk value R of local Internet of Things j,
S4: calculate Internet of Things general safety risk; Comprise the following steps:
S41: read Internet of Things assets value storehouse: the value of reading in property networking assets from Internet of Things assets value storehouse;
S42: travel through local Internet of Things security risk value: scanning of home Internet of Things security risk value R one by one j;
S43: calculate the influence value that current local Internet of Things security risk causes Internet of Things general safety risk: calculate the amassing of assets value weight under current local Internet of Things security risk and current local things-internet gateway, be the influence value R that current local Internet of Things security risk causes Internet of Things general safety risk j_imp, be also wherein, the total quantity that n is things-internet gateway;
S44: judge that whether traversal finishes, and comprises the following steps:
S441: judge whether it is last local Internet of Things security risk: judge whether j is greater than n;
S442: judge next step operation: if j<n, execution step S42;
S45: calculate Internet of Things general safety value-at-risk: calculate the influence value sum that all local Internet of Things security risks cause Internet of Things general safety risk, by its assignment to Internet of Things general safety value-at-risk R,
The above is only embodiments of the present invention; statement again, for those skilled in the art, under the premise without departing from the principles of the invention; can also carry out some improvement to the present invention, these improvement are also listed in the protection range of the claims in the present invention.

Claims (6)

1. the distributed appraisal procedure of Internet of Things security risk, is characterized in that: comprise things-internet gateway, and computer network,
Local Internet of Things security threat detection module, the Internet of Things security threat facing for detection of local Internet of Things;
Local Internet of Things security risk computing module, the security risk value facing for calculating local Internet of Things;
Internet of Things general safety Risk Calculation module, the general safety value-at-risk facing for calculating Internet of Things;
Internet of Things security threat feature database, for storing the characteristic information of Internet of Things security threat;
Internet of Things security threat harmfulness storehouse, for storing the harmfulness value of Internet of Things security threat;
Internet of Things assets value storehouse, for storing the value of Internet of Things assets;
Described things-internet gateway is multiple, respectively with local Internet of Things security threat detection module and the communication connection of local Internet of Things security risk computing module, things-internet gateway is connected by communication protocol with computer network, and described computer network is communicated by letter and is connected with Internet of Things assets value storehouse with Internet of Things general safety Risk Calculation module, Internet of Things security threat feature database, Internet of Things security threat harmfulness storehouse.
2. the distributed appraisal procedure of a kind of Internet of Things security risk according to claim 1, is characterized in that: comprise the following steps:
S1: detect local Internet of Things security threat;
S2: local Internet of Things security threat detector is decayed;
S3: calculate local Internet of Things security risk;
S4: calculate Internet of Things general safety risk.
3. the distributed appraisal procedure of a kind of Internet of Things security risk according to claim 2, is characterized in that: described S1 detects local Internet of Things security threat; Specifically comprise the following steps:
S11: read Internet of Things security threat feature database: download the characteristic information of Internet of Things security threat from Internet of Things security threat feature database, and build local Internet of Things security threat property detector data set, comprise the following steps:
S111: build local Internet of Things security threat detector data collection: the initial data set T={<tID that sets up local Internet of Things security threat detector, signature, count, time>}, wherein, the numbering that tID is detector, signature is the characteristic information of the security threat that detector is corresponding, count is the quantity that detector detects security threat, and time is the time that detector detects security threat;
S112: download Internet of Things security threat characteristic information: connect long-range Internet of Things security threat feature database, download security threat characteristic information;
S113: the local Internet of Things security threat of initialization detector data collection: according to i the Internet of Things security threat characteristic information of downloading, concentrate and set up i detector t in local Internet of Things security threat detector data i, wherein, t i.tID assignment is the numbering of corresponding security threat feature, t i.signature assignment is the characteristic information of corresponding security threat, t i.count assignment is 0;
S12: obtain Internet of Things data from things-internet gateway: access things-internet gateway, catches connected network communication data from things-internet gateway;
S13: extract Internet of Things data characteristics: according to the Internet of Things communication data formation networking data feature of catching, comprise the following steps:
S131: obtain Internet of Things communication data header packet information;
S132: obtain the critical field in header packet information;
S133: formation networking data feature: the critical field of obtaining is encapsulated to formation networking data feature;
S14: judge whether the step that security threat feature is mated with Internet of Things data characteristics: the feature of Internet of Things security threat detector is mated with Internet of Things data characteristics, comprise the following steps:
S141: feature and the Internet of Things data characteristics of comparative networking security threat detector: use t i.signature compare with Internet of Things data characteristics;
S142: judge next step operation: if do not have security threat feature to mate with Internet of Things data characteristics, finish local Internet of Things security threat and detect;
S15: upgrade security threat detector: the information to the detector that Internet of Things security threat detected is upgraded, and comprises the following steps:
S151: the count territory of the cumulative detector that security threat detected: by t i.count add 1;
S152: record detects the time of security threat: by t i.time be set to detect the time of security threat.
4. the distributed appraisal procedure of a kind of Internet of Things security risk according to claim 2, is characterized in that: described S2 decays to local Internet of Things security threat detector; Specifically comprise the following steps:
S21: read local Internet of Things security threat detector;
S22: judge and security threat whether detected in time T, comprise the following steps:
S221: calculate current time and t i.count difference between territory: by current time and t i.count the difference between territory is assigned to T span;
S222: judge T spanwhether be less than T;
S223: judge next step operation: if T span<T, finishes local Internet of Things security threat detector decay;
S23: judge that whether detector has decayed, and comprises the following steps:
S231: judge t i.count whether territory equals 0;
S232: judge next step operation: if t i.count=0, finish local Internet of Things security threat detector decay;
S24: upgrade security threat detector, comprise the following steps:
S241: the count territory of the detector that security threat do not detected of successively decreasing: by t i.count subtract 1;
S242: upgrade the time that security threat detected: by t i.time be set to current time.
5. the distributed appraisal procedure of a kind of Internet of Things security risk according to claim 2, is characterized in that: described S3 calculates local Internet of Things security risk; Specifically comprise the following steps:
S31: read Internet of Things security threat detector: concentrate the information of reading in all detectors from Internet of Things security threat detector data;
S32: read Internet of Things security threat harmfulness storehouse: the harmfulness value of reading in all security threats from Internet of Things security threat harmfulness storehouse;
S33: read Internet of Things assets value storehouse: the value of reading in property networking assets from Internet of Things assets value storehouse;
S34: traversal Internet of Things security threat detector: scan one by one Internet of Things security threat detector t i;
S35: calculate the value-at-risk that current threat detection device produces: count territory, threat harmfulness and the local Internet of Things assets value of calculating current threat detection device are long-pending, is the corresponding value-at-risk R producing that threatens of current threat detection device j_i, be also R j_i=t i.count × h i× v j, wherein, h ifor the harmfulness value of security threat corresponding to current threat detection device, v jfor the value of the property networking assets under current things-internet gateway;
S36: judge that whether traversal finishes, and comprises the following steps:
S361: judge whether it is last detector: judge whether i is greater than m, wherein, m is the total quantity of security threat detector;
S362: judge next step operation: if i<m, execution step S34;
S37: calculate local Internet of Things security risk value: calculate the corresponding value-at-risk sum producing that threatens of all local threat detection devices, its assignment is given to the security risk value R of local Internet of Things j,
6. the distributed appraisal procedure of a kind of Internet of Things security risk according to claim 2, is characterized in that: described S4 calculates Internet of Things general safety risk; Comprise the following steps:
S41: read Internet of Things assets value storehouse: the value of reading in property networking assets from Internet of Things assets value storehouse;
S42: travel through local Internet of Things security risk value: scanning of home Internet of Things security risk value R one by one j;
S43: calculate the influence value that current local Internet of Things security risk causes Internet of Things general safety risk: calculate the amassing of assets value weight under current local Internet of Things security risk and current local things-internet gateway, be the influence value R that current local Internet of Things security risk causes Internet of Things general safety risk j_imp, be also wherein, the total quantity that n is things-internet gateway;
S44: judge that whether traversal finishes, and comprises the following steps:
S441: judge whether it is last local Internet of Things security risk: judge whether j is greater than n;
S442: judge next step operation: if j<n, execution step S42;
S45: calculate Internet of Things general safety value-at-risk: calculate the influence value sum that all local Internet of Things security risks cause Internet of Things general safety risk, by its assignment to Internet of Things general safety value-at-risk R,
CN201410265228.3A 2014-06-13 2014-06-13 IOT security risk distributed evaluation method Expired - Fee Related CN104023023B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201410265228.3A CN104023023B (en) 2014-06-13 2014-06-13 IOT security risk distributed evaluation method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201410265228.3A CN104023023B (en) 2014-06-13 2014-06-13 IOT security risk distributed evaluation method

Publications (2)

Publication Number Publication Date
CN104023023A true CN104023023A (en) 2014-09-03
CN104023023B CN104023023B (en) 2017-02-15

Family

ID=51439593

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201410265228.3A Expired - Fee Related CN104023023B (en) 2014-06-13 2014-06-13 IOT security risk distributed evaluation method

Country Status (1)

Country Link
CN (1) CN104023023B (en)

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106789946A (en) * 2016-11-30 2017-05-31 平顶山学院 A kind of Internet of Things security evaluation method
CN108650157A (en) * 2018-05-18 2018-10-12 深圳源广安智能科技有限公司 A kind of intelligent domestic system
CN108810033A (en) * 2018-07-25 2018-11-13 安徽三实信息技术服务有限公司 A kind of Internet of Things safety control system and control method
CN117811839A (en) * 2024-02-29 2024-04-02 北京双湃智安科技有限公司 Network security monitoring device and method for monitoring Internet of things equipment

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20040015728A1 (en) * 2002-01-15 2004-01-22 Cole David M. System and method for network vulnerability detection and reporting
CN102404324A (en) * 2011-11-23 2012-04-04 郭正韦华 System for sensing safety of node data of Internet of things
CN102622632A (en) * 2012-02-28 2012-08-01 刘杨志 Quality safety management identification forming method and quality safety management identification forming system based on internet of things

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20040015728A1 (en) * 2002-01-15 2004-01-22 Cole David M. System and method for network vulnerability detection and reporting
CN102404324A (en) * 2011-11-23 2012-04-04 郭正韦华 System for sensing safety of node data of Internet of things
CN102622632A (en) * 2012-02-28 2012-08-01 刘杨志 Quality safety management identification forming method and quality safety management identification forming system based on internet of things

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
张雁等: ""一种物联网安全威胁危害度计算方法"", 《信息与电脑》 *
雷璟: ""物联网安全测评和风险评估技术研究"", 《电讯技术》 *

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106789946A (en) * 2016-11-30 2017-05-31 平顶山学院 A kind of Internet of Things security evaluation method
CN108650157A (en) * 2018-05-18 2018-10-12 深圳源广安智能科技有限公司 A kind of intelligent domestic system
CN108810033A (en) * 2018-07-25 2018-11-13 安徽三实信息技术服务有限公司 A kind of Internet of Things safety control system and control method
CN117811839A (en) * 2024-02-29 2024-04-02 北京双湃智安科技有限公司 Network security monitoring device and method for monitoring Internet of things equipment
CN117811839B (en) * 2024-02-29 2024-04-26 北京双湃智安科技有限公司 Network security monitoring device and method for monitoring Internet of things equipment

Also Published As

Publication number Publication date
CN104023023B (en) 2017-02-15

Similar Documents

Publication Publication Date Title
CN103581186B (en) A kind of network security situational awareness method and system
CN104767757B (en) Various dimensions safety monitoring method and system based on WEB service
WO2016192495A1 (en) Account theft risk identification method, identification apparatus, and prevention and control system
US11132752B2 (en) Integrity management system to manage and control data between entities in an oil and gas asset supply chain
CN102340485B (en) Network security situation awareness system and method based on information correlation
CN101902366B (en) Method and system for detecting abnormal service behaviors
CN107241352A (en) A kind of net security accident classificaiton and Forecasting Methodology and system
CN105471882A (en) Behavior characteristics-based network attack detection method and device
CN104023023A (en) IOT security risk distributed evaluation method
Singh et al. An approach to understand the end user behavior through log analysis
CN103905440A (en) Network security situation awareness analysis method based on log and SNMP information fusion
CN116861446A (en) Data security assessment method and system
CN118133339B (en) Compliance intelligent early warning system and early warning method based on data behavior feature analysis
Ruan et al. Deep learning for cybersecurity in smart grids: Review and perspectives
CN113704328B (en) User behavior big data mining method and system based on artificial intelligence
CN110460576A (en) A kind of multifunctional network Security Situation Awareness Systems
CN114036059A (en) Automatic penetration testing system and method for power grid system and computer equipment
Soo Lon Wah et al. Damage detection under temperature conditions using PCA–an application to the Z24 Bridge
CN110460575A (en) One kind can be realized security audit functional network Security Situation Awareness Systems
CN117176441A (en) System and method for detecting security log event of network equipment
Flammini et al. Optimisation of security system design by quantitative risk assessment and genetic algorithms
CN112084239A (en) Signaling network security mining analysis method based on big data characteristic model recognition
Shakya et al. Intrusion detection system using back propagation algorithm and compare its performance with self organizing map
Sharma et al. Temporal and consumer driven cluster analysis for identification of FDI attacks in smart grid
CN109951445A (en) Network security settlement of insurance claim appraisal procedure and system

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20170215

Termination date: 20200613

CF01 Termination of patent right due to non-payment of annual fee